On Wed, 11 Apr 2007, Chris Bartram wrote:
> >> grep: /etc/ipsec.conf: No such file or
directory
> >> cat: /etc/ipsec.conf: No such file or
directory
> >
> > Seems you have no config file??
>
> Hadn't gotten that far; I did just begin setting it up
though. I want to
> allow two configs;
Normally openswan installs stub config files. They have one
important feature,
which is to include /etc/ipsec.d/examples/no_oe.conf. They
also provide the
standard "config setup" section, where you will
have to enable NAT-T.
> 1) roadwarrior on XP SP2 boxes (using windows built-in
vpn) using certs and
> authenticating using my Win2003 domain controller
>
> 2) a remote peer network (also using certs) -using a
commercial firewall
> that does support connections to Openswan (don't recall
the name or OS at
> the moment though)
Should work.
> conn l2tp-X.509
> right=%any
> rightca=%same
> rightrsasigkey=%cert
> rightprotoport=17/1701
> rightsubnet=vhost:%priv,%no
You might need rightprotoport=17/%any to support OSX (and
perhaps Windows Vista)
Paul
--
Building and integrating Virtual Private Networks with
Openswan:
http://www.amazon.com/gp/product/1904811
256/104-3099591-2946327?n=283155
_______________________________________________
Users openswan.org
http
://lists.openswan.org/mailman/listinfo/users
Building and Integrating Virtual Private Networks with
Openswan:
http://www.amazon.com/gp/product/1904811
256/104-3099591-2946327?n=283155
|
